[jboss-user] [Security & JAAS/JBoss] - Re: Principal from Servlet to EJB not propagating?

forumer do-not-reply at jboss.com
Fri Oct 27 00:35:47 EDT 2006

As you suspected, request.getRemoteUser() is returning null.

There is one slight difference that makes me not use BASIC or FORM login; I am plucking the username out of the request header which is passed on to this servlet from a SSO framework.

All requests come through this servlet. So, yes, user principle and Subject are being created at every request.

So, is there a way I can do a IsUserInRole type check in the jsp's that this servlet dispatches to?

On a related note, what enables for this user to be propagated successfully to EJB layer, even though it's not available to the authenticating Servlet itself?

Thanks for your help!

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3981208#3981208

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3981208

More information about the jboss-user mailing list